<?php
namespace app\middleware;

use think\facade\Db;
use think\facade\Session;
use think\facade\Config;
class AdminAuth
{
    public function handle($request, \Closure $next)
    {
		$admin_id=session(config("auth.USER_AUTH_KEY"));
		if($admin_id==1 || $admin_id==2 || $admin_id==3){ //超级管理员不验证权限
			return $next($request);
		}
		$NOT_AUTH_MODULE=strtolower(config("auth.NOT_AUTH_MODULE"));
		$NOT_AUTH_MODULE=explode(",",$NOT_AUTH_MODULE);

		if(in_array(strtolower(CONTROLLER),$NOT_AUTH_MODULE)) return $next($request);
 		$node_id = Db::name('auth_nodes')->where("url",CONTROLLER."/".ACTION)->value('id'); //获取节点ID
		if(!$node_id){
			return json(['msg'=>'没有权限！','code'=>9999]);
		}
        //当前管理员权限
         $rules=Db::name("auth_admin")->alias("a")->join("auth_group b", "a.group_id=b.group_id", "LEFT")->where("a.id", $admin_id)->value("b.rules");
         $rules = explode(',',$rules); //已授权节点	
		 
         if(!in_array($node_id,$rules)){
			return json(['msg'=>'没有权限！','code'=>9999]);
         }
        return $next($request);
    }
	
}